Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortigate vs Fortigate VM



We currently have an office with about 200 employees behind two Fortigate 90D HA A-A under FortiOS 5.2.13 and the cpu is often at 100% during the business hours (I know 90D isn't enough for that many employees). Only the application control, the web filtering and certificate inspection are activated for Internet trafic. The Internet trafic is about 10-20 MBPS at worst. We're looking to replace it with Fortigate 100E/200E or FortigateVM 02V.


What's the general opinion of having a Fortigate VM instead of 2 Fortigate in HA A-A doing the perimeter security? I know we lose the hardware acceleration, the HA and it creates a risk with VMware (problem with the disk, spikes in CPU, hardware problems, etc.).


Thank you,

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6

FortiAnalyzer, ForticlientEMS

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6 FortiAnalyzer, ForticlientEMS

For FGT-VM64, I was able to add virtual harddisk that can be used for logging.  You can also extend memory but this depends on license too (including CPU count).  When scanning a specific virus sample, arm cpu could go to 100% (older/slower arm cpu) but intel i7-4790k could only take ~3%.  I was able to setup HA A-P mode for testing but HA A-A should work too.  If FGT-VM license expires or not able to verify with Fortiguard, the CLI availability would become limited unlike in actual FGT hardware device. I was able to also mount the virtual harddisk but the image is compressed so /bin folder is empty.


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors